diff options
| author | Tristan Darricau <github@nicofuma.fr> | 2016-09-18 21:12:19 +0200 |
|---|---|---|
| committer | Tristan Darricau <github@nicofuma.fr> | 2016-09-18 21:12:19 +0200 |
| commit | bc08813866a4496b88777a5d152f601ac521fef1 (patch) | |
| tree | 47a1c4bd25564b2d3b037e3f2cc2adc11129b35b /phpBB/includes/acp/acp_database.php | |
| parent | 27e33f39f7553d2f24fdeae004810493f063265d (diff) | |
| parent | 72f6241aa2c6d129c8c49380d84fd915d589aa6c (diff) | |
| download | forums-bc08813866a4496b88777a5d152f601ac521fef1.tar forums-bc08813866a4496b88777a5d152f601ac521fef1.tar.gz forums-bc08813866a4496b88777a5d152f601ac521fef1.tar.bz2 forums-bc08813866a4496b88777a5d152f601ac521fef1.tar.xz forums-bc08813866a4496b88777a5d152f601ac521fef1.zip | |
Merge pull request #4452 from marc1706/ticket/14789
[ticket/14789] Further harden ACP link and form checks
* marc1706/ticket/14789:
[ticket/14789] Add form tokens to tests and uncomment add_form_key
[ticket/14789] Add link hashes and form tokens to all acp links/buttons
Diffstat (limited to 'phpBB/includes/acp/acp_database.php')
| -rw-r--r-- | phpBB/includes/acp/acp_database.php | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/phpBB/includes/acp/acp_database.php b/phpBB/includes/acp/acp_database.php index 9666ac5b6e..16655ff4cb 100644 --- a/phpBB/includes/acp/acp_database.php +++ b/phpBB/includes/acp/acp_database.php @@ -39,6 +39,14 @@ class acp_database $action = request_var('action', ''); $submit = (isset($_POST['submit'])) ? true : false; + $form_key = 'acp_database'; + add_form_key($form_key); + + if ($submit && !check_form_key($form_key)) + { + trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING); + } + $template->assign_vars(array( 'MODE' => $mode )); |